<?
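/*
 * Admin "edit user" page bootstrap.
 *
 * The direct-access guard now runs before any other statement and uses
 * defined(): on PHP < 8 an undefined bare constant evaluates to the truthy
 * string 'ANTIHACK', so the old `!ANTIHACK` test could never fire when the
 * constant was missing (PHP 8 raises an Error instead).
 *
 * NOTE(review): this file opens with the short tag `<?`. Where short_open_tag
 * is disabled PHP does not parse the file and the server returns its source as
 * plain text; prefer the full `<?php` opening tag.
 */
if(!defined('ANTIHACK') || !ANTIHACK) die("ANTIHACK...");
$smarty=new Smarty();
// Presumably supplies the $msg table used by the statements below -- confirm.
include_once("../includes/language_vi.php");
$smarty->assign("nameact","Sửa tài khoản");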
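/*
 * Write actions of the admin "edit user" page: delete a user (?do=del&id=N)
 * or save the posted edit form (saveuser).
 *
 * NOTE(review): no session or permission check is visible in this file; it
 * presumably relies on the including admin front controller -- confirm.
 */
$do = (isset($_GET['do']) && is_string($_GET['do'])) ? $_GET['do'] : '';
if($do==="del")
{
	// NOTE(review): this delete is a state change triggered by a plain GET
	// request with no anti-CSRF token, so any page an administrator visits
	// while logged in can cause it. Move it to POST and verify a
	// per-session token.
	$id=isset($_GET['id']) ? intval($_GET['id']) : 0;
	if($id>0)
	{
		// $id is an integer at this point, so the interpolation is safe.
		query("delete from user where id=$id");
		echo "<script>alert('Xóa Tài khoản thành công!');
		location.href='".base_admin."?act=user';
		</script>";
	}
}
else if(isset($_POST['saveuser']))
{
	// NOTE(review): the save form carries no anti-CSRF token either.
	$id=isset($_POST['id']) ? intval($_POST['id']) : 0;

	// Non-string input (e.g. edit-username[]=x) is treated as empty rather
	// than being passed to addslashes().
	$rawUser = (isset($_POST['edit-username']) && is_string($_POST['edit-username'])) ? $_POST['edit-username'] : '';
	$rawPass = (isset($_POST['edit-password']) && is_string($_POST['edit-password'])) ? $_POST['edit-password'] : '';

	// NOTE(review): addslashes() is not a reliable SQL escape (it ignores the
	// connection character set). query()/update() are defined elsewhere, so
	// this block cannot switch to bound parameters on its own; migrate the
	// helpers to prepared statements.
	$user = addslashes($rawUser);
	// The password is escaped before hashing exactly as before, so stored
	// hashes keep matching.
	$pass = addslashes($rawPass);

	// Previously copied into the UPDATE unfiltered; forced to an integer so
	// the value cannot carry SQL regardless of how update() quotes it.
	$is_active = isset($_POST['edit-is-active']) ? intval($_POST['edit-is-active']) : 0;

	if($user=="")
	{
		$smarty->assign("msg",$msg['empty_username']);
	}
	else
	{
		// Reject the new name when it already belongs to a different account.
		$query = query("select id from user where username = '$user'");
		$r=fetch($query);
		if(numrows($query)>0 && $r['id']!=$id)
		{
			$smarty->assign("msg",$msg['account_exist']);
		}
		else
		{
			$data=array(
				"username" =>$user,
				"is_active" => $is_active,
				"`group`" => isset($_POST['group']) ? intval($_POST['group']) : 0,
			);
			// An empty password field leaves the stored password unchanged.
			// NOTE(review): unsalted MD5 is not a password hash. Moving to
			// password_hash()/password_verify() must be done together with
			// the login code, which is not part of this file.
			if($pass!="")
				$data["password"] = md5($pass);
			if(update($data,"user","id=$id"))
				$smarty->assign("msg",$msg['edit-success']."<script>setTimeout('location.href=\"".base_admin."?act=user\"',1000);</script>");
			else
				$smarty->assign("msg",$msg['error']);
		}
	}
}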
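/*
 * Read side of the admin "edit user" page: load the account named by ?id=N,
 * hand its fields and the list of groups to the template, then render it.
 */
// The id must be a positive integer; the old `intval(...) != ""` test compared
// an integer with a string and gives different results on PHP 7 and PHP 8.
if(isset($_GET['id']) && intval($_GET['id'])>0)
{
	$id = intval($_GET['id']);
	$query=query("select * from user where id=$id");
	$num = numrows($query);
	if($num!=1)
		$smarty->assign("msg",$msg["account_not_found"]);
	else
	{
		$r=fetch($query);
		$smarty->assign("id",$r["id"]);
		// NOTE(review): username is stored form input. Whether it is
		// HTML-escaped on output depends on edit-user.htm, which is not
		// visible here -- confirm the template escapes it.
		$smarty->assign("username",$r["username"]);
		// Exactly one of "block"/"active" is set, to preselect the status option.
		if($r["is_active"] == 0)
			$smarty->assign("block","SELECTED");
		else
			$smarty->assign("active","SELECTED");
		// Start from an empty list so the template always receives an array,
		// even when the group table has no rows.
		$group=array();
		$g=query("select id,name from `group`");
		while($rg=fetch($g))
		{
			// Array keys are quoted: bare id/selected are undefined constants,
			// which raise an Error on PHP 8.
			if($r['group']==$rg['id'])
				$rg['selected']="SELECTED";
			$group[]=$rg;
		}
		$smarty->assign("lgroup",$group);
	}
}
$smarty->display("edit-user.htm");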

?>